Unrated severityNVD Advisory· Published May 9, 2022· Updated Aug 2, 2024
Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure
CVE-2022-0424
Description
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Popup by Supsystic plugindescription
- Range: <1.10.9
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/1e4593fd-51e5-43ca-a244-9aaef3804b9fmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.